table of contents
selinux_raw_context_to_color(3) | Library Functions Manual | selinux_raw_context_to_color(3) |
NAME¶
selinux_raw_context_to_color - Return RGB color string for an SELinux security context
SYNOPSIS¶
#include <selinux/selinux.h>
int selinux_raw_context_to_color(const char *raw,
DESCRIPTION¶
selinux_raw_context_to_color() returns a color_str associated to the raw context raw provided that the mcstransd(8) daemon is running, the policy is an MLS type policy (MCS or MLS) and there is a color configuration file secolor.conf(5) (see the FILES section).
The color_str string is a space separated list of eight hexadecimal RGB triples, each prefixed by a hash character (#). These represent the user:role:type:range components of the foreground and background colors. An example string is shown in the EXAMPLE section.
The returned color_str string must be freed with free(3).
If a color has not been configured for a specific user, role, type and/or range component of context raw, then selinux_raw_context_to_color() will select the color returned in color_str in order of precedence as follows:
user, type, range
user, role, range
user, role, type
If there are no entries in the secolor.conf(5) file for any of the components of context raw (or the file is not present), then the default string returned in color_str is:
#000000 #ffffff #000000 #ffffff #000000 #ffffff #000000 #ffffff
RETURN VALUE¶
On success, zero is returned.
On failure, -1 is returned with errno set appropriately.
ERRORS¶
ENOENT If the mcstransd(8) daemon is not running.
FILES¶
selinux_raw_context_to_color() obtains the translated entry from the active policy secolor.conf(5) file as returned by selinux_colors_path(3). The file format is described in secolor.conf(5).
NOTES¶
1. The primary use of selinux_raw_context_to_color() is to return a color that corresponds to a range, that can then be used to highlight information at different MLS levels.
2. The mcstransd(8) daemon process security level must dominate the raw security level passed to it by the selinux_raw_context_to_color() function. If not, the range color selected will be as defined by the order of precedence.
EXAMPLE¶
selinux_raw_context_to_color() returns the foreground and background colors of the context string components (user:role:type:range) as RGB triples as follows:
user : role : type : range
fg bg : fg bg : fg bg : fg bg
#000000 #ffffff #ffffff #000000 #d2b48c #ffa500 #000000 #008000
black white : white black : tan orange : black green
SEE ALSO¶
selinux(8), selinux_colors_path(3), mcstransd(8), secolor.conf(5), selinux_raw_to_trans_context(3), selinux_trans_to_raw_context(3), free(3)
08 April 2011 | SELinux API documentation |